|
|
|
CA RCM and CA Identity Manager use different data models to describe roles, privileges, and resources.
When data is retrieved from CA Identity Manager, most data fields are mapped to obvious parallel fields in the target CA RCM configuration. The following table summarizes exceptions in the default mapping of entities between CA Identity Manager and CA RCM.
|
CA Identity Manager Entity |
Representation in CA RCM |
|
User |
User |
|
Provisioning Role |
Role |
|
Account Template |
Role with a name in one of the following formats: endpoint_type [AT] template_name
Example: Windows NT[AT]N16DefaultPolicy |
|
Endpoint capabilities, for example:
|
Resource The ResName1 field is mapped to the friendly name 'Display Name'. |
|
Endpoint |
An endpoint is mapped to the ResName2 field of the resource, in the format: endpoint_type [EP] endpoint_name
Example: Windows NT[EP]win_machine_1 |
|
User membership in a provisioning role |
User-Role link |
|
Provisioning Role Account Template Note: Some role-role links in CA RCM represent nested provisioning roles. These objects are stored in the provisioning directory; however, they are not visible in the Identity Manager User Console. To view nested provisioning roles, use the Provisioning Manager. |
Role-Role link |
|
The relationship between a role and a capability on a specific endpoint. In CA Identity Manager, this involves a provisioning role which is associated with an account template that grants capabilities on a specific endpoint. |
Role-Resource link |
|
The relationship between a user and a capability |
User-Resource link |
If you intend to export changes to CA Identity Manager, you can create CA RCM entities that do not export easily. To help ensure that your CA RCM configuration maps smoothly to CA Identity Manager data entities, verify the following:
| Copyright © 2010 CA. All rights reserved. | Email CA Technologies about this topic |